Infinite Loop

Apple claims jailbreaking could crash cell towers

If the Copyright Office were to allow a DMCA exemption for jailbreaking …

Apple has filed responses to specific questions from the Copyright Office considering a proposed DMCA exemption for jailbreaking its phones. Aside from the usual issues concerning copyrights, which Apple naturally asserts do not warrant a DMCA exemption, the response also details possible harm to a cell network that jailbreaking could cause, including facilitation of drug dealers and crashing cell towers.

As part of the triennial review of requests for DMCA exemptions, the EFF filed a request that jailbreaking iPhones be considered for an exemption. While Apple hasn't brought any lawsuits against jailbreaking or those who create jailbreaking tools, the EFF filed an exemption request to stave off any possible DMCA violation that might arise from what the EFF characterizes as consumers exercising their rights to use a device as they see fit.

Apple naturally opposed the request, suggesting that the DRM on the iPhone was intrinsic to both Apple's business model and the safety of the iPhone in general.

The latest filing from Apple comes after the Copyright Office submitted specific questions to the company in regard to jailbreaking an iPhone. Most of the questions concerned specifics of copyright and licensing agreement terms, but one in particular asked if functionality of an iPhone would be affected by jailbreaking. And Apple provided a whole laundry list of possible, if unlikely, scenarios that could spell doom for iPhone users or network operators should jailbreaking be given a DMCA exemption.

At the heart of Apple's concerns is baseband hacking. The baseband processor in a cellphone is responsible for making and maintaining connections to cell towers. Once an iPhone is jailbroken, there's essentially nothing stopping a hacker from futzing around with the baseband or changing a device's Exclusive Chip Identification (ECID) number. Apple posits that hackers could then attempt to make free phone calls, skirt a carrier's data limits, cause phones to stop connecting to the network, or even allow drug dealers to make anonymous phone calls.

"More pernicious forms of activity may also be enabled," wrote Apple. "For example, a local or international hacker could potentially initiate commands (such as a denial of service attack) that could crash the tower software, rendering the tower entirely inoperable to process calls or transmit data."

Apple maintains that its lockdown of the iPhone is needed to prevent these kinds of scenarios. But such uses aren't contemplated by most jailbreakers, who generally want to install applications that Apple won't approve for the App Store and perform a variety of customizations, such as Springboard skinning. Most jailbreakers still want their phones to work, and likely aren't interested in bringing down the network.

A tinkerer running a shell on his iPhone, putting on custom icons, or experimenting with emulators is engaged in exactly the kinds of legal activities that the EFF believes warrant a DMCA exemption. That a device has the potential to be used illegally isn't, in their view, a sound argument against allowing individuals to use it in ways that are legal but not necessarily desired by the maker.

The Copyright Office will decide on the request later this year.

Further reading:

The EFF's original request to the Copyright Office for a DMCA exemption, in part, for "[c]omputer programs that enable wireless telephone handsets to execute lawfully obtained software applications, where circumvention is accomplished for the sole purpose of enabling interoperability of such applications with computer programs on the telephone handset."

If Apple were sincere with their concerns, they would open up iPod Touches to all comers, since those do not interact with the cell network. That would be a test case to determine where their motivations truly lie.

I jailbroke my iPhone 3GS simply to run applications (like Pandora) in the background while I do other tasks (like respond to SMS messages). Can someone please tell me how this *might* crash AT&T's cell towers?

Originally posted by alienvenom: I jailbroke my iPhone 3GS simply to run applications (like Pandora) in the background while I do other tasks (like respond to SMS messages). Can someone please tell me how this *might* crash AT&T's cell towers?

Go to a local AT&T cell tower and look for loose bolts at the base supports. If one critical bolt happens to be almost unscrewed and simply needs a nudge to knock it out, throw your iPhone at it. That *might* crash the tower.

Originally posted by trism: So making (keeping) it illegal to jailbreak a phone is going to stop people from hacking a cell phone tower - if that's even possible - where the laws against that kind of hacking wouldn't stop them?

Also, using similar logic, shouldn't all computers be made illegal? They may facilitate hacking!

+++Somehow I don't trust the Copyright Office to see through this FUD. May I be pleasantly surprised.

Obviously Apple is not doing this because they really care about the security of the towers, but the security of cell towers is a very real concern.

And theories about nefarious intentions aside, by becoming the dominant smartphone OS, Apple has an especially big responsibility to make their OS as secure as possible/reasonable -- just as MS has this responsibility in the PC world. Computer security is a big deal, nowadays.

Exactly how either MS or Apple can secure their dominant OSes is up for debate. Dorks who post on tech news sites don't really like how both MS and Apple have approached the problem, but I've seen little discussion of practical alternatives in these types of discussions.

LOL...drug dealers making anonymous phone calls...that is awesome. So glad I didn't buy an iPhone.... I really don't want to be profiled as a drug dealer cuz I would have an iPhone. (Before everyone gets in a tizzy, it was sarcasm)

Originally posted by trism: So making (keeping) it illegal to jailbreak a phone is going to stop people from hacking a cell phone tower - if that's even possible - where the laws against that kind of hacking wouldn't stop them?

Also, using similar logic, shouldn't all computers be made illegal? They may facilitate hacking!

++

Also, along those lines of logic all cars should be illegal since they facilitate speeding. All writing instruments should be illegal since they facilitate forgery. All electricity should be illegal since it facilitates hacking. In fact, life should be illegal since it facilitates all crime.

These are the weakest arguments against DRM circumvention. That allowing the legal circumvention of DRM will somehow allow for illegal activities to happen. As if people who are going to hack a network or deal drugs are going to be at all concerned with the illegality of jailbreaking a phone.

Can anyone in all honesty expect this statement to be uttered, "I would crash the entire cellular network causing massive confusion and panic, but I sure as heck am not going to crack the DRM necessary to do it."?

The solution is easy and obvious: make the iPhone available for all carriers. Everyone I know with a jb'd iPhone did it so they can go with a carrier other than AT&T. Obviously, the Apple/AT&T deal is the real cause of the problem.

Complete and total FUD. Apple, I expect better from you! There must be dozens of GOOD REASONS to prevent jailbreaking, so why put out this GARBAGE? Are the real arguments so weak as to need propping up?

Allowing people to bypass DRM wouldn't magically make hacking cell towers and getting free cellular service legal. More importantly, the fact that bypassing DRM is illegal wouldn't stop anyone from doing these things right now.

This reminds me of the open source wifi drivers under Linux brouhaha. If Apple really cared about cell tower crashing or free phone calls they'd take it up with the FCC; the fact they are trying to hide behind the DMCA is rather telling.

Originally posted by tenuki: Obviously Apple is not doing this because they really care about the security of the towers, but the security of cell towers is a very real concern.

And theories about nefarious intentions aside, by becoming the dominant smartphone OS, Apple has an especially big responsibility to make their OS as secure as possible/reasonable -- just as MS has this responsibility in the PC world. Computer security is a big deal, nowadays.

Is the iPhone the only phone that could do this? Does that mean a phone running WinMo is a better product since I can run whatever I want on that and I've never heard of it taking down cell towers?

And really if you are saying that people shouldn't be able to jailbreak their phone because they could then use it to do things that are illegal you fail right there. I mean if I'm going to break the law what do I care if jailbreaking the phone is illegal?

"As much as I think this is typical nonsense FUD, does their claim about accessing the baseboard processor have any merit at all?"

Well it probably does. But here's the rub, or fallacy if you prefer, of Apple's argument - anyone who would do that to do the nefarious deeds Apple lists wouldn't be worried by any DMCA provisions making it "illegal". So in my opinion, in terms of whether jail breaking should have a DMCA exemption, it's just a bunch of smoke and mirrors on Apple's part.

Does anyone seriously think this thing is locked down for security reasons anymore? Does anyone really think their concern here is for the carriers' towers?

They've abused their position of control over this device consistently to serve their own interests and the interest of AT&T. Those are not entirely unreasonable, but they have nothing at all to do with security, which was the original pitch for the locked down nature of the device.

This is the exact same reason many of us opposed Microsoft's Palladium stuff; this is an almost identical situation, but in a phone. Pretend it's about security (and it is to a point), then turn around and abuse it whenever possible.

Yes they have an interest in securing the OS, but I should not have to choose between Microsoft style swiss cheese or a totally locked operating system.

Originally posted by TK: As much as I think this is typical nonsense FUD, does their claim about accessing the baseboard processor have any merit at all?

Not really. Accessing the baseband processor is possible, it's generally how phones are jailbroken, by not having to go through Apple's crap to do so.

The supposed "threat" is that if they can change their Exclusive Chip Identification (shouldn't Apple and the cell companies have introduced some sort of security to prevent this? Basically if an ID starts flooding data, cut off that phone. If they change their identifier, cut it off again. And have some security on the actual identifier, it should need to match off with a secret key that your average hacker can't figure out easily) and then don't have any way of finding out who is sending a tonne of data to a specific tower.

The absurd part is that you would need to have a LOT of jailbroken iPhones for this to work, there needs to be no protection with the tower itself to deal with such an attack, you need a lot of working identifiers and the result is that you crash a single tower for a while.

Getting a truck and ramming it into the tower would do far more damage and would be far easier.

And do drug dealers really need to make anonymous phone calls? Is anyone listening to them? Do they go in and sign up their cell phone contract with "Tony the Drug Dealer"?

Originally posted by alienvenom: I jailbroke my iPhone 3GS simply to run applications (like Pandora) in the background while I do other tasks (like respond to SMS messages). Can someone please tell me how this *might* crash AT&T's cell towers?

No, but it may make people say "Uggh, my phone is so laggy. iPhones suck."

quote:

Complete and total FUD. Apple, I expect better from you! There must be dozens of GOOD REASONS to prevent jailbreaking, so why put out this GARBAGE? Are the real arguments so weak as to need propping up?

After seeing the PR Apple puts out, this is totally in line with their behavior. Look, I understand you have an App store to protect, but we aren't that stupid, and I'm sure there are other phones that are easier to make free calls from (that in and of itself is BS).

Notice how DRM on the iPhone is never mentioned to be used to protect your data, only Apple's.

Originally posted by TK: As much as I think this is typical nonsense FUD, does their claim about accessing the baseboard processor have any merit at all?

Not really. Accessing the baseband processor is possible, it's generally how phones are jailbroken, by not having to go through Apple's crap to do so.

The supposed "threat" is that if they can change their Exclusive Chip Identification (shouldn't Apple and the cell companies have introduced some sort of security to prevent this? Basically if an ID starts flooding data, cut off that phone. If they change their identifier, cut it off again. And have some security on the actual identifier, it should need to match off with a secret key that your average hacker can't figure out easily) and then don't have any way of finding out who is sending a tonne of data to a specific tower.

The absurd part is that you would need to have a LOT of jailbroken iPhones for this to work, there needs to be no protection with the tower itself to deal with such an attack, you need a lot of working identifiers and the result is that you crash a single tower for a while.

Getting a truck and ramming it into the tower would do far more damage and would be far easier.

And do drug dealers really need to make anonymous phone calls? Is anyone listening to them? Do they go in and sign up their cell phone contract with "Tony the Drug Dealer"?

No no. The NSA intercepts all the calls. So it doesn't matter how they signed up. But if they could make anonymous calls, then, umm... Damn, I thought I had it there for a second.

Originally posted by dlux: If Apple were sincere with their concerns, they would open up iPod Touches to all comers, since those do not interact with the cell network. That would be a test case to determine where their motivations truly lie.

++

Excellent point. If the purpose of the DRM is to prevent attacks on the cell network, as they claim, then the iPod Touch shouldn't be subject to any of these restrictions.

Originally posted by Mark Laarson: What kind of superphone does Apple think it's making?

The one that lays the golden egg.

But this is typical of many Steve Jobs initiated projects - quest for total control with limited consumer interaction. The difference here is that the control over software is much higher than it was over the original Mac or NeXT computer. And by killing jailbreaking, they keep people from doing things like running apps to directly access Google Voice which directly threaten either their or AT&T's business model.

Some people here need to learn to differentiate between jailbreaking and unlocking. Jailbreaking an iPhone allows it to run any application the user wishes to load on it. It does not permit the use of the phone on another network - that is what unlocking does - and that process does interact with the baseband hardware & software.

Apple's interest in preventing jailbreaking is the protection of their control over the device and revenue stream from the App Store on ITMS. Apple does not get any money from apps not acquired from the ITMS. Additionally, if a rogue application did interfere with the cellular network, and I'm sure one could be written, Apple's only concern should be the negative PR they'd receive due to the popularity of their devices.

Any phone that can have applications installed to it could be potentially dangerous to the cellular network, but you don't see everyone locking down their devices to 3rd party applications? WinMo devices have this same issue. Heck, a cellular network interface for a desktop system has the same potential to cause mayhem, but I'm not seeing Apple saying you can't install whatever you please on your Mac.

It's all about control and money. I love the devices they've produced recently, but I'm really beginning to abhor their control issues on the iPhone platform.

By the same logic Apple should be allowed total control over what apps you run on your Mac. It is far more likely that a Mac could be used to hack the internet than your phone could be used to hack a tower.

This is the new lowest of the low for Apple. I would hope that public outrage over crap like this will force them closer to opening the iPhone platform.

It's absurd, having the iPhone closed. It can't last. The future includes lots of cheap, mobile computing, and it's going to be open. There's no way to stop that; Apple can only delay it long enough to make a huge profit.

Originally posted by TK: As much as I think this is typical nonsense FUD, does their claim about accessing the baseboard processor have any merit at all?

There are a few ways by which a cellphone can be used to maliciously attack a UMTS network, although there are protections network-side against them.

However, if Apple designed their phone such that jailbreaking as is (that is, removing the operator lock and the application signing restrictions) enabled these sorts of functionality to be easily accessed and manipulated, that is incredibly bad design on Apple's part.

Some people here need to learn to differentiate between jailbreaking and unlocking. Jailbreaking an iPhone allows it to run any application the user wishes to load on it. It does not permit the use of the phone on another network - that is what unlocking does - and that process does interact with the baseband hardware & software.

Except you have to jailbreak first before you can unlock. So really any unlocked phone is also jailbroken, right?

So assuming that there is no exemption and law abiding citizens aren't allowed to use their phones to the fullest capabilities, what is to prevent HURR DURR TERRORIST from taking out the towers by jailbreaking the phone when he/she/they isn't/aren't going to be obeying the law anyhow?

If someone with bad intent had complete control of a WCDMA phone and can override the software running on the baseband processor they can easily DOS a tower. All that one would need to do is to be located as close to the tower as possible and transmit at the tower's uplink frequency with the lowest spread factor the phone can do. CDMA based systems need all mobile devices to have the power received at the tower to be near the same (after processing gain). This means that phones further away need to transmit with more power, and the cell phone tower tells the phone hundreds of times a second to either raise or lower its transmit power. This is one reason why the talk times experienced from users can be very variable. A WCDMA phone needs to have over 80 dB of power control, or the max power needs to be 100,000,000 times more powerful than min power. A rogue phone, especially in a city, can do real damage to the network, but nothing permanent.